Blog

Many Popular Smartphones Are Shipping With Malware

Have you recently purchased an Android phone? Depending on the brand and where you got it, you may have purchased a device pre-loaded with malware.

So far, two unidentified vendors have been found selling smartphones from a variety of manufacturers containing malware from two different and particularly nasty families of malware: SLocker and Loki.

In all, at least thirty-six different models have been discovered, including phones from:

• Lenovo
• Oppo
• Nexus
• Asus
• LG
• Xiaomi
• Samsung

And others. As you can see, these are some very big names in smartphone manufacturing.
It’s important to note that the malware was not on the phones in question when they left their respective manufacturers. The malicious code was inserted later, at some point along the supply chain.

This is an especially dark development, because in both cases, the malware is especially vile.

Loki made its first appearance in 2016 and is highly advanced. It is a Trojan that coopts the Android OS, giving root-level permission to itself and any other software installed on its heels.

That means that the hacker who controls it has access to your browsing history, call history, location data, contact list and more.

SLocker is certainly no better. It is a mobile ransomware that locks the owner’s device, then demands a ransom, payable in bitcoins. It’s a grim piece of malware for two reasons. First, because it communicates with its creators via TOR, it’s virtually impossible to track and identify the hackers. Second, in addition to locking the device, it gives the app controller unfettered access to everything on it.

Here’s the complete list of smartphones that have been identified. It’s worth noting that not every unit sold from these models will be infected, but these are the models at risk: